Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/1Rh29C-JxZE9qGM7P9cwAlUPkyk.roa
File:                     1Rh29C-JxZE9qGM7P9cwAlUPkyk.roa (raw, json)
Hash identifier:          zEFlxGRq501sRDqMbGadKvThuuUz3MALDjeGAqejnOU=
Subject key identifier:   D5:18:76:F4:2F:89:C5:91:3D:A8:63:3B:3F:D7:30:02:55:0F:93:29
Certificate issuer:       /CN=4292b5da4b4ffeaf720649518fbaaa10c5cb2811
Certificate serial:       01856C6EFEBB20165CCC28A63CF918F6A1E4
Authority key identifier: 42:92:B5:DA:4B:4F:FE:AF:72:06:49:51:8F:BA:AA:10:C5:CB:28:11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QpK12ktP_q9yBklRj7qqEMXLKBE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/1Rh29C-JxZE9qGM7P9cwAlUPkyk.roa
Signing time:             Sun 01 Jan 2023 08:24:51 +0000
ROA not before:           Sun 01 Jan 2023 08:24:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51517
IP address blocks:        185.219.6.0/24 maxlen: 24
                          2a10:e300:8411::/48 maxlen: 64

Validation:               Failed, certificate revoked on Thu 16 Nov 2023 05:48:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:6e:fe:bb:20:16:5c:cc:28:a6:3c:f9:18:f6:a1:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4292b5da4b4ffeaf720649518fbaaa10c5cb2811
        Validity
            Not Before: Jan  1 08:24:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d51876f42f89c5913da8633b3fd73002550f9329
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:83:27:3c:3f:f7:e9:4e:00:a5:f0:97:25:fe:
                    1f:cd:74:65:f2:43:82:1f:f4:0f:41:f1:f7:7a:de:
                    29:4f:5d:b1:e1:e9:40:88:31:f8:80:f5:53:5b:aa:
                    b4:a6:2d:32:cb:f7:9c:4f:bb:a6:e3:b6:1a:21:be:
                    83:1d:86:e1:ec:ff:66:32:5c:0c:14:46:93:30:50:
                    0c:85:98:5d:02:b9:0c:be:db:ff:34:6e:84:ad:fc:
                    54:51:00:a4:54:6d:da:7b:14:24:47:19:0c:6b:d8:
                    e4:11:bf:b5:29:79:59:a7:8f:db:77:20:b6:fe:b2:
                    3c:0e:60:51:66:7a:33:b2:a3:e5:e2:05:4d:23:a6:
                    4c:22:8b:2b:83:78:66:b0:f1:bb:97:67:c2:e7:59:
                    a9:2e:69:64:de:35:c9:3e:8c:6f:f6:28:5f:73:1a:
                    9d:89:6a:58:41:d7:8d:8e:ff:e9:70:52:72:00:1d:
                    4a:aa:dc:f3:d1:78:74:69:c5:a2:ef:b8:9d:f1:a1:
                    e4:a2:92:97:10:eb:fd:58:37:4c:00:34:94:c5:98:
                    3d:4a:89:ab:a3:cd:a0:b0:3d:eb:41:d6:65:20:96:
                    ee:7a:30:81:2a:f4:fa:11:11:ba:7e:3d:93:3f:b1:
                    ae:21:72:3d:78:56:4d:b3:0f:c5:6e:6a:2b:88:b0:
                    a1:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:18:76:F4:2F:89:C5:91:3D:A8:63:3B:3F:D7:30:02:55:0F:93:29
            X509v3 Authority Key Identifier:
                keyid:42:92:B5:DA:4B:4F:FE:AF:72:06:49:51:8F:BA:AA:10:C5:CB:28:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpK12ktP_q9yBklRj7qqEMXLKBE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/1Rh29C-JxZE9qGM7P9cwAlUPkyk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/QpK12ktP_q9yBklRj7qqEMXLKBE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.219.6.0/24
                IPv6:
                  2a10:e300:8411::/48

    Signature Algorithm: sha256WithRSAEncryption
         7c:b4:b4:0e:6e:34:54:87:6c:32:74:6c:d0:44:e5:0b:ad:fc:
         67:27:27:b6:90:b4:c0:f3:4a:84:74:69:66:30:a1:a0:de:3d:
         bd:55:49:95:d9:5f:9d:5a:46:52:d5:8f:cb:69:f3:e9:33:4e:
         4a:cb:f4:23:cd:db:62:6a:02:dc:97:12:e7:6b:ba:c8:80:e4:
         f9:24:f5:c1:f3:81:02:32:a0:ff:22:52:fd:7c:2c:f4:33:a2:
         40:9e:0a:27:a1:83:ff:04:40:2e:9b:d9:9a:e0:67:22:08:56:
         b7:28:ea:a8:f7:58:77:b9:03:8d:27:63:c4:6e:6d:7b:b9:88:
         29:a5:33:9b:e1:cd:43:63:70:4e:08:cd:55:9f:00:b1:c6:c5:
         9c:5c:ca:cf:92:c7:f2:b6:d2:fb:df:ae:13:1f:01:4f:01:93:
         ab:25:ab:db:4d:85:73:7c:87:17:a9:55:03:ad:2e:4b:97:31:
         cb:9e:a7:cc:15:14:73:a9:a4:e2:59:16:2a:4c:0a:39:96:16:
         85:07:e0:67:8e:f8:7a:31:00:db:4c:98:b2:5e:5f:08:d7:0c:
         76:76:c8:2a:44:91:b3:c2:fe:33:1c:1e:da:20:a6:3c:e2:76:
         0c:1c:ac:c7:f2:3e:40:67:cb:7f:39:1e:22:5e:ab:df:24:95:
         f0:5f:50:bc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsbv67IBZczCimPPkY9qHkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTJiNWRhNGI0ZmZlYWY3MjA2NDk1MThmYmFhYTEwYzVj
YjI4MTEwHhcNMjMwMTAxMDgyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTE4NzZmNDJmODljNTkxM2RhODYzM2IzZmQ3MzAwMjU1MGY5MzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIMnPD/36U4ApfCXJf4fzXRl8kOC
H/QPQfH3et4pT12x4elAiDH4gPVTW6q0pi0yy/ecT7um47YaIb6DHYbh7P9mMlwM
FEaTMFAMhZhdArkMvtv/NG6ErfxUUQCkVG3aexQkRxkMa9jkEb+1KXlZp4/bdyC2
/rI8DmBRZnozsqPl4gVNI6ZMIosrg3hmsPG7l2fC51mpLmlk3jXJPoxv9ihfcxqd
iWpYQdeNjv/pcFJyAB1Kqtzz0Xh0acWi77id8aHkopKXEOv9WDdMADSUxZg9Somr
o82gsD3rQdZlIJbuejCBKvT6ERG6fj2TP7GuIXI9eFZNsw/FbmoriLCh7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNUYdvQvicWRPahjOz/XMAJVD5MpMB8GA1UdIwQY
MBaAFEKStdpLT/6vcgZJUY+6qhDFyygRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBLMTJrdFBfcTl5QmtsUmo3cXFFTVhMS0JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS80NTIyZmItYzFkYS00Y2NjLWE3Yzct
YTA0M2UxYjY3Yjk0LzEvMVJoMjlDLUp4WkU5cUdNN1A5Y3dBbFVQa3lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS80NTIyZmItYzFkYS00Y2NjLWE3YzctYTA0M2UxYjY3Yjk0
LzEvUXBLMTJrdFBfcTl5QmtsUmo3cXFFTVhMS0JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAudsGMA8E
AgACMAkDBwAqEOMAhBEwDQYJKoZIhvcNAQELBQADggEBAHy0tA5uNFSHbDJ0bNBE
5Qut/GcnJ7aQtMDzSoR0aWYwoaDePb1VSZXZX51aRlLVj8tp8+kzTkrL9CPN22Jq
AtyXEudrusiA5Pkk9cHzgQIyoP8iUv18LPQzokCeCiehg/8EQC6b2ZrgZyIIVrco
6qj3WHe5A40nY8RubXu5iCmlM5vhzUNjcE4IzVWfALHGxZxcys+Sx/K20vvfrhMf
AU8Bk6slq9tNhXN8hxepVQOtLkuXMcuep8wVFHOppOJZFipMCjmWFoUH4GeO+Hox
ANtMmLJeXwjXDHZ2yCpEkbPC/jMcHtogpjzidgwcrMfyPkBny385HiJeq98klfBf
ULw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:15 2024 by rpki-client on console-ams.rpki-client.org